Kaspersky Updates Next Platform with AI Enhancements, Unified SOC Console
Kaspersky has released a major update to its Next platform, introducing advanced AI features and a unified management console for enterprise security operations. The new Kaspersky Next Expert aims to simplify SOC management while enhancing threat detection, data analysis, and incident response.
The update comes amid growing enterprise adoption of EDR and XDR solutions, as organizations increasingly seek integrated security tools to counter complex cyber threats.
Unified SOC Console Reduces Complexity
Kaspersky Next EDR Expert has migrated to the Open Single Management Platform (OSMP), consolidating tools such as EPP, EDR, XDR, and SIEM within a single console. The move allows seamless integration of both Kaspersky and third-party solutions and ensures smooth transitions with NDR interfaces via Single Sign-On.
For large-scale deployments, resource requirements have been reduced by up to 30% for EDR Expert users and up to 60% for XDR Expert users, lowering hardware costs and improving operational efficiency.
Advanced AI Features Strengthen Threat Detection
The update introduces new AI capabilities for threat detection and response, including:
- DLL hijacking detection: Automatically identifies cases where legitimate software is used to load malicious libraries.
- Compromised account detection: Monitors login activity against normal baselines to flag potential account theft.
- KIRA AI assistant: The first GenAI-powered assistant in Kaspersky Next, KIRA helps analysts deobfuscate command lines, generate concise incident summaries, and translate natural-language threat-hunting queries into structured database queries.
These AI-driven tools aim to reduce cognitive load on SOC teams and accelerate threat analysis.
Enhanced EDR and Operational Efficiency
Kaspersky Next Expert also improves core EDR functionality for enterprise environments:
- Integration with Kaspersky MDR enables faster, coordinated threat response.
- Linux EDR agents provide stronger protection across diverse environments.
- Playbooks and alert-merging streamline incident management.
- Attack development graphs and remote terminal access via Live Shell allow real-time response and visual analysis.
- Upgraded role-based access control offers flexible account and permission management.
Ilya Markelov, Head of Unified Platforms at Kaspersky, said the updates reflect the company’s focus on “smarter, more integrated solutions” to enable faster, more precise detection and efficient SOC operations.
With these enhancements, Kaspersky Next positions itself as a comprehensive cybersecurity platform for enterprises seeking AI-driven, all-in-one solutions for modern threat landscapes.
